Third-Party Cyber Risk Manager

Your team

The Pictet Tech division specialises in designing and integrating cutting-edge software applications, including advanced portfolio management systems, sophisticated trading platforms and comprehensive banking and corporate solutions. As a key contributor to the Group’s strategic advancements, the Pictet Tech division plays a vital role in driving transformative innovations that enhance our services and deliver exceptional value to our clients.
As a Third-party Cyber Risk Manager within Pictet Tech, you will be part of a dynamic Tech & Cyber Risk Management department based in Geneva. You will be responsible for overseeing the cyber risks associated with the Group’s third-party relationships. In this critical role you will lead efforts to identify, assess and mitigate cyber risks and provide support on incidents related to third-party service providers. Your mission will be to develop and run a third-party cyber risk management program focused on effective controls and actionable outcomes.

Your role

• Conducting in-depth assessments of selected third-party providers to identify, evaluate and mitigate potential cyber risks.
• Designing, implementing and maintaining an effective internal control framework to manage third-party and supply-chain cyber risks.
• Supporting the third-party risk management programme by providing guidance on cybersecurity due diligence and risk assessments.
• Taking part in the response to cybersecurity incidents involving third-party providers, acting as a key stakeholder to ensure swift resolution, minimise impact and implement lessons learned.
• Acting as a trusted advisor to the Tech management by providing strategic insights and recommendations on third-party cyber risks and their potential impact on the Group’s operations and reputation.
• Contributing to the Risk & Compliance team’s overall activities, such as reviewing cyber risks of internal solutions or projects and consulting internal technology teams on security issues.

Your profile

• A Bachelor’s or Master’s degree in Computer Science, Information Technology, Information Security, or a related field.
• Proven experience in cybersecurity, information security or IT risk management, with a strong foundation in technical concepts and practices.
• In-depth understanding of third-party risk management principles and their application in a corporate environment.
• Proficiency in international information security standards (e.g., ISO 27001) and familiarity with financial sector regulations, such as the FINMA circular on outsourcing and the Digital Operational Resilience Act (DORA).
• Possession of relevant professional certifications (e.g., CISSP, CISA, CISM, or equivalent) is highly desirable.
• Strong ability to critically assess and challenge third-party service providers on technical and cybersecurity matters.
• Self-driven, proactive and solution-oriented mindset, with excellent problem-solving skills.
• Fluency in both French and English, with strong communication and interpersonal skills.
• Residency in Switzerland or willingness to relocate.

Ref. TPCRM/CRO/RB

Note

Diversity & Inclusion

Pictet is an equal opportunity employer and is committed to creating a diverse environment. We respect all individuals and seek their inclusion in the workplace.